Microsoft seized two U.S. hacker ‘command’ servers

Microsoft on Monday said that cyber crime "command" servers in two US states were seized in an ongoing campaign to sever online crooks from infected computers used as virtual henchmen. (AFP Photo/Justin Sullivan)

Microsoft on Monday said that cyber crime “command” servers in two US states were seized in an ongoing campaign to sever online crooks from infected computers used as virtual henchmen.

A team headed by the software colossus capitalized on laws crafted to fight organized crime groups to obtain court orders to seize servers in Pennsylvania and Illinois being used to control computers corrupted by malicious code.

Viruses slipped into people’s machines stole online banking account and password information and relayed it to crooks who have looted more than $100 million in the past five years, according to court documents.

The “worldwide, illegal” computer networks were an amalgam of more than 13 million infected machines referred to as “Zeus botnets” due to the type of malicious code involved.

Zeus malware is designed to log keystrokes typed on computers, watching for patterns that indicate information about online bank accounts.

“A number of the most harmful botnets using the Zeus family of malware worldwide have been disrupted in an unprecedented, proactive cross-industry operation against this cybercriminal organization,” Microsoft said.

The seizure of “command and control” servers on Friday was the latest move by Microsoft to collaborate with other members of the industry to cut elusive cyber criminals off from infected computers used to do their bidding.

Microsoft six months ago took down a “botnet” believed to have been used for nefarious activities including spam, stock scams, and sexual exploitation of children, and sued the owner of an online domain used to control operations.

That disrupted “Kelihos” network was an apparent reincarnation of the first botnet Microsoft took down with a combination of legal and technical tactics.

A year ago, Microsoft dismantled a “notorious and complex” network of virus-infected computers used to send billions of email messages daily hawking fake drugs.

The Rustock “botnet” consisted of about a million computers that were infected with malicious code to let hackers covertly control the machines from afar using “command and control” servers.

Owners of infected computers are typically not aware that hackers are using their machines.

(Microsoft on Monday said that cyber crime “command” servers in two US states were seized in an ongoing campaign to sever online crooks from infected computers used as virtual henchmen. AFP Photo/Justin Sullivan)

Don't let Silicon Valley control what you see. Get more stories like this in your inbox, every day.